Skip to content

Commit

Permalink
CI: use trusted publisher for PyPi publishing
Browse files Browse the repository at this point in the history
  • Loading branch information
naveen521kk committed Sep 14, 2024
1 parent f1c4ce1 commit cb832bc
Showing 1 changed file with 43 additions and 70 deletions.
113 changes: 43 additions & 70 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -151,96 +151,69 @@ jobs:
run: |
bash packing/test_wheels.sh $(pwd)
publish_wheels:
needs: [test_wheels_mac, test_wheels_win]
name: Upload wheels
runs-on: ubuntu-latest
if: github.event_name== 'release'
steps:
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: "3.9"

- uses: actions/download-artifact@v3
with:
path: downloads/

- name: Publish release
if: github.event_name == 'release'
shell: bash
env:
TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
run: |
mkdir -p wheelhouse/
find downloads/ -name \*.whl -exec cp {} wheelhouse \;
pip install twine
twine upload wheelhouse/*.whl
build_sdist:
name: Source distribution
runs-on: ubuntu-latest
if: github.event_name== 'release'
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup Python
uses: actions/setup-python@v4
uses: actions/setup-python@v5
with:
python-version: "3.8"
python-version: "3.11"

- name: Build Source Distribution
if: ${{ github.event_name== 'release' && runner.os == 'Linux' }}
env:
TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
- name: Install dependencies
run: |
sudo apt install libcairo2-dev pkg-config python3-dev
sudo apt-get install libpango1.0-dev
pip install twine
python setup.py sdist
twine upload dist/*
python -m pip install --upgrade build
- name: Build sdist
run: python -m build --sdist

- name: Test sdist
run: |
python -m pip install dist/*.tar.gz
- name: Store artifacts
uses: actions/upload-artifact@v3
with:
path: dist/*.tar.gz
name: manimpango.tar.gz
- name: Install Dependency
run: pip install requests
- name: Get Upload URL
id: create_release
shell: python
env:
access_token: ${{ secrets.GITHUB_TOKEN }}
tag_act: ${{ github.ref }}
name: manimpango-src

publish:
needs: [test_wheels_mac, test_wheels_win, build_sdist]
name: Upload wheels to PyPI
runs-on: ubuntu-latest
environment:
name: release
url: https://pypi.org/p/ManimPango
permissions:
id-token: write
contents: write
if: github.event_name== 'release'
steps:
- uses: actions/download-artifact@v3
with:
path: downloads/

- name: Move files to dist
run: |
import requests
import os
ref_tag = os.getenv('tag_act').split('/')[-1]
access_token = os.getenv('access_token')
headers = {
"Accept":"application/vnd.github.v3+json",
"Authorization": f"token {access_token}"
}
url = f"https://api.github.com/repos/ManimCommunity/manimpango/releases/tags/{ref_tag}"
c = requests.get(url,headers=headers)
upload_url=c.json()['upload_url']
with open(os.environ.get("GITHUB_OUTPUT"), "w") as f:
print(f"upload_url={upload_url}", file=f)
print(f"tag_name={ref_tag[1:]}", file=f)
- name: Upload Release Asset
id: upload-release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
mkdir -p dist/
find downloads/ -name \*.whl -exec cp {} dist \;
find downloads/ -name \*.tar.gz -exec cp {} dist \;
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1

- name: Release
uses: softprops/action-gh-release@v2
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: dist/ManimPango-${{ steps.create_release.outputs.tag_name }}.tar.gz
asset_name: ManimPango-${{ steps.create_release.outputs.tag_name }}.tar.gz
asset_content_type: application/gzip
fail_on_unmatched_files: false
files: |
dist/*.whl
dist/*.tar.gz
success:
needs: [test_wheels_win, test_wheels_mac]
Expand Down

0 comments on commit cb832bc

Please sign in to comment.